Cryptocurrency Opinion and Analysis

2 auditors miss $27M Penpie flaw, Pythia’s ‘claim rewards’ bug: Crypto-Sec

2024.09.09 21:15

Voiced by Amazon PollyVoiced by Amazon Polly

Pythia hit with reentrancy attack

Decentralized finance protocol Pythia Finance was drained of $53,000 via a reentrancy attack on Sept. 3, according to a report from blockchain security firm Quill Audits. Pythia is an algorithmic stablecoin project that aims to use artificial intelligence to manage its treasury.

The attacker called the “claim rewards” function repeatedly, without allowing the reward balance to be updated after each call, allowing them to collect more rewards than they were entitled to.

According to the report, the attacker was able to call this function repeatedly and in rapid succession because Pythia called the token’s “safe transfer” function when rewards were distributed. Thus, a malicious token contract could call back Pythia, causing Pythia to call it back again, and resulting in a chain reaction that could drain the protocol’s funds.

Pythia code with exploit vulnerability on the left and a text explanation of it on the right.Pythia code with exploit vulnerability on the left and a text explanation of it on the right.Screenshot of Pythia partial audit report. (Pythia / X).

Quill Audits’ partial audit report for Pythia shows zero unresolved security issues, implying that the team may have upgraded the contract to prevent any further use of this exploit.

A reentrancy attack, in which an attacker calls a function repeatedly without allowing its code to fully execute, is one of the most common types of smart contract exploits.

Zyxel critical vulnerability

On Sept. 4, networking hardware manufacturer Zyxel disclosed a critical vulnerability in some of its networking devices that could have allowed attackers to execute code on user’s routers and access points, potentially allowing hackers to gain access to users’ devices.

According to the disclosure, the vulnerability was the result of “The improper neutralization of special elements in the parameter ‘host’ in the CGI program” of several different firmware versions. Because of this improper neutralization, these firmware versions “could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.”

Crypto wallet users should be especially cautious about potential attacks against their home networks. If an attacker gains access to a user’s home network, they can use this access to redirect a user’s traffic through DNS spoofing, view any unencrypted data sent across the network, or use deep packet inspection to decrypt data that is encrypted. The data obtained may be used for social engineering attacks to convince the user to approve transactions or to share their private keys.

Zyxel has provided a list of the potentially affected devices, which includes the NWA50AX PRO, NWA90AX, WAC500, and other access points, as well as the USG LITE 60AX router. The manufacturer advised users of these devices to upgrade their firmware.

Penpie exploiter created fake Pendle Market

The $27 million Penpie exploit was made possible because of a flaw that allowed any user to create a Pendle market, according to a Sept. 4 report from blockchain security firm Zokyo. The report claims that an earlier version of the protocol was audited by Zokyo but did not contain the flaw at the time.

Penpie contains a function called “registerPenpiePool” that can be used to register a new pool address and Pendle Market, the report stated. To prevent malicious markets from registering, it contains a modifier that checks to see if the Pendle Market is already listed in Pendle Finance’s factory contract. If it’s not listed in this factory contract, then it can’t be registered. However, any user can get their market listed in the factory contract by calling the createNewMarket function in the factory contract. According to the report, this essentially means that any user can create a Pendle Market and register it.

The attacker exploited this vulnerability to create a fake Pendle Market and pool, which were configured to provide valuable Pendle tokens as rewards.

Pendle Finance code for create new market functionPendle Finance code for create new market functionPendle Finance createNewMarket function. (Zokyo).

The protocol also contained a reentrancy flaw that allowed any market to deposit tokens repeatedly and before other balances could be updated. The attacker called the deposit function over and over again, artificially inflating the rewards to be earned. They then withdrew the deposit and claimed the rewards, draining the protocol of over $27 million.

According to the report, the reentrancy flaw existed in the version that Zokyo audited. But in that version, only the protocol team would have been able to register a new pool and market, which should have prevented an external attacker from making use of it. The report states:

“The _market parameter received in the batchHarvestMarketRewards(…) method was not expected to be malicious as in the earlier version of the code audited by Zokyo, only the owner (multi-sig) can register a pool.”

In a separate report published on Sept. 3, the Penpie team claimed that it introduced “permissionless pool registration” approximately one year after Zokyo performed its audit. At the time, it hired security firm AstraSec to audit the new registration system. However, only the new contracts were in scope of this audit. Since the exploit resulted from an interaction between two different contracts audited by two different teams, neither of them caught the vulnerability. Penpie claimed that it will do “periodic audits of the entire protocol” in the future to ensure that incidents like this won’t happen again.

Penpie is a decentralized finance protocol that attempts to provide yield boosting to Pendle Finance users. The exploit against it occurred on Sept. 3.

2 auditors miss $27M Penpie flaw, Pythia’s ‘claim rewards’ bug: Crypto-Sec2 auditors miss $27M Penpie flaw, Pythia’s ‘claim rewards’ bug: Crypto-Sec

Christopher Roark

Some say he’s a white hat hacker who lives in the black mining hills of Dakota and pretends to be a children’s crossing guard to throw the NSA off the scent. All we know is that Christopher Roark has a pathological desire to hunt down scammers and hackers.

Source link

Related Articles

Back to top button
bitcoin
Bitcoin (BTC) $ 62,215.67 2.37%
ethereum
Ethereum (ETH) $ 2,432.66 1.71%
tether
Tether (USDT) $ 0.999626 0.10%
bnb
BNB (BNB) $ 579.41 0.55%
solana
Solana (SOL) $ 142.73 4.25%
usd-coin
USDC (USDC) $ 1.00 0.04%
xrp
XRP (XRP) $ 0.529163 2.62%
staked-ether
Lido Staked Ether (STETH) $ 2,433.12 1.61%
dogecoin
Dogecoin (DOGE) $ 0.106641 5.13%
tron
TRON (TRX) $ 0.158304 1.26%
the-open-network
Toncoin (TON) $ 5.18 2.21%
cardano
Cardano (ADA) $ 0.344714 3.89%
avalanche-2
Avalanche (AVAX) $ 26.33 3.54%
shiba-inu
Shiba Inu (SHIB) $ 0.000017 5.75%
wrapped-steth
Wrapped stETH (WSTETH) $ 2,875.83 1.60%
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 62,101.64 2.39%
weth
WETH (WETH) $ 2,434.34 1.66%
chainlink
Chainlink (LINK) $ 10.92 4.90%
bitcoin-cash
Bitcoin Cash (BCH) $ 328.68 0.80%
polkadot
Polkadot (DOT) $ 4.10 3.16%
dai
Dai (DAI) $ 1.00 0.00%
leo-token
LEO Token (LEO) $ 5.97 0.84%
near
NEAR Protocol (NEAR) $ 4.93 6.69%
sui
Sui (SUI) $ 1.95 8.45%
uniswap
Uniswap (UNI) $ 7.07 4.96%
litecoin
Litecoin (LTC) $ 65.52 0.80%
bittensor
Bittensor (TAO) $ 629.11 0.20%
aptos
Aptos (APT) $ 9.21 0.15%
wrapped-eeth
Wrapped eETH (WEETH) $ 2,554.89 1.64%
pepe
Pepe (PEPE) $ 0.000009 10.27%
internet-computer
Internet Computer (ICP) $ 7.99 5.22%
fetch-ai
Artificial Superintelligence Alliance (FET) $ 1.42 7.59%
kaspa
Kaspa (KAS) $ 0.141586 1.75%
first-digital-usd
First Digital USD (FDUSD) $ 1.00 0.14%
polygon-ecosystem-token
POL (ex-MATIC) (POL) $ 0.374065 2.62%
monero
Monero (XMR) $ 149.75 2.17%
ethereum-classic
Ethereum Classic (ETC) $ 18.27 3.36%
stellar
Stellar (XLM) $ 0.090303 1.98%
blockstack
Stacks (STX) $ 1.76 3.48%
okb
OKB (OKB) $ 42.69 1.52%
ethena-usde
Ethena USDe (USDE) $ 0.999146 0.06%
dogwifcoin
dogwifhat (WIF) $ 2.46 10.81%
immutable-x
Immutable (IMX) $ 1.43 8.37%
filecoin
Filecoin (FIL) $ 3.63 4.25%
aave
Aave (AAVE) $ 142.47 5.76%
crypto-com-chain
Cronos (CRO) $ 0.076026 5.22%
render-token
Render (RENDER) $ 5.21 5.65%
optimism
Optimism (OP) $ 1.62 5.71%
hedera-hashgraph
Hedera (HBAR) $ 0.052048 4.04%
arbitrum
Arbitrum (ARB) $ 0.539575 4.74%